73ca695912f6a9ef5c193b53e8edf003_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

73ca695912f6a9ef5c193b53e8edf003_JaffaCakes118
Size

504KB
MD5

73ca695912f6a9ef5c193b53e8edf003
SHA1

0b351bb18870cdf228d1444ffa201a4d85ed6cef
SHA256

7ea22e270a3b5b25c284ccb5e32cc67bbb95433ca03d86ba40396b3d037fded1
SHA512

78cafcc6a40daf4c4f878a55cf91054fff64b16ba8800bdc5bbe4ede0f7e513aac983b45a5dc8a0535b4654bfef1b038ff1014c64e547e0c6cfeaa4498b14458
SSDEEP

12288:A6TXrYSv/9L30YCXgQSaqmChbp8YwauQq:XY2/pZGg59Saup

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73ca695912f6a9ef5c193b53e8edf003_JaffaCakes118

Files

73ca695912f6a9ef5c193b53e8edf003_JaffaCakes118
.exe windows:4 windows x86 arch:x86

51164b2b5eda200df02ddfa3145f8bb0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
GetPropW
GetWindowThreadProcessId
GrayStringW
GetCapture
LoadIconW
CallNextHookEx
CreatePopupMenu
GetDesktopWindow
TabbedTextOutW
DispatchMessageW
SetPropW
LoadBitmapW
SystemParametersInfoA
FindWindowW
DestroyWindow
GetWindowTextLengthW
GetDlgCtrlID
CreateWindowExW
GetMenu
RemovePropW
GetAsyncKeyState
GetDlgItem
GetClassInfoExW
ShowScrollBar
AdjustWindowRectEx
MessageBoxW
ScreenToClient
SetCursor
InvalidateRect
GetWindowRect
PostMessageW
RemoveMenu
DestroyIcon
ShowWindow
GetSysColor
GetParent
GetForegroundWindow
TrackPopupMenuEx
IsMenu
GetClientRect
DrawFrameControl
GetMenuState
GetMenuItemID
PtInRect
InflateRect
GetWindowDC
GetFocus
DrawTextExW
LoadStringW
ReleaseDC
PostQuitMessage
GetWindowRgn
ClientToScreen
GetDC
DestroyMenu
IsIconic
CopyRect
RegisterClassExW
DefWindowProcW
RegisterClassW
GetMessageW
SetMenuDefaultItem
IsClipboardFormatAvailable
OffsetRect
EndDialog
SetForegroundWindow
EnableMenuItem
AppendMenuW
GetSubMenu
GetWindow
LoadCursorW
IsWindow
SetScrollInfo
FrameRect
IsWindowVisible
SetRectEmpty
EnableWindow
DrawTextW
GetWindowPlacement
GetSysColorBrush
GetMenuItemInfoW
GetActiveWindow
CloseClipboard
OpenClipboard

advapi32

SetFileSecurityA
GetFileSecurityA
RegSetValueExA
RegDeleteValueA
RegOpenKeyExA
RegCreateKeyA
RegEnumValueA
RegQueryInfoKeyA
RegOpenKeyA
RegEnumKeyExA
GetUserNameA
SetSecurityDescriptorDacl
RegCreateKeyExA
RegEnumKeyA
RegCloseKey
RegQueryValueExA
RegDeleteKeyA
RegSetValueA
RegQueryValueA
OpenProcessToken
InitializeSecurityDescriptor

gdi32

CreateCompatibleBitmap
SetViewportOrgEx
StretchBlt
StretchDIBits
CreateBrushIndirect
GetDeviceCaps
CreateRectRgnIndirect
EndPage
SelectObject
BitBlt
SetBrushOrgEx
DeleteObject
DeleteDC
StartPage
CreatePalette
SetWindowOrgEx
PtVisible
SetPolyFillMode
GetObjectW
CreateDCW
CreatePatternBrush
DeleteEnhMetaFile
RectInRegion
Rectangle
EndDoc

mfc42

ord1576

comctl32

ImageList_DragMove
PropertySheetA
ImageList_EndDrag
ord17
ImageList_BeginDrag
ImageList_GetImageCount
_TrackMouseEvent
ImageList_SetBkColor
ImageList_GetIcon
ImageList_GetBkColor
ImageList_AddMasked

oleaut32

LoadTypeLi

kernel32

GetStdHandle
GetCurrentProcessId
TerminateProcess
CompareStringA
RtlUnwind
GetModuleHandleW
InterlockedDecrement
IsDebuggerPresent
GetTickCount
GetCommandLineA
LoadLibraryW
LCMapStringA
GetModuleFileNameW
CreateFileA
GetCurrentThreadId
InterlockedExchange
GetLastError
WriteConsoleA
UnhandledExceptionFilter
HeapFree
TlsFree
LoadLibraryA
GetFileAttributesA
CloseHandle
SetLastError
DeleteCriticalSection
SetConsoleCtrlHandler
GetLocaleInfoA
InitializeCriticalSection
ReadFile
GetProcAddress
GetEnvironmentStrings
EnterCriticalSection
SetHandleCount
GetCPInfo
SetUnhandledExceptionFilter
CreateMutexW
WriteConsoleW
SetStdHandle
IsValidCodePage
FileTimeToSystemTime
GetCommandLineW
GetVersionExA
GetLocalTime
GetProcessHeap
FreeEnvironmentStringsW
RaiseException
GetModuleHandleA
WriteFile
GetDateFormatA
HeapDestroy
CompareStringW
HeapCreate
FlushFileBuffers
WideCharToMultiByte
GetACP
LeaveCriticalSection
GetOEMCP
SetFilePointer
GetCurrentProcess
SetEnvironmentVariableA
VirtualAlloc
GetEnvironmentStringsW
TlsGetValue
GetFileType
GetConsoleOutputCP
IsBadReadPtr
GetConsoleCP
TlsAlloc
HeapReAlloc
GetStringTypeA
GetStringTypeW
GlobalLock
GetStartupInfoW
TlsSetValue
LCMapStringW
GetTimeFormatA
VirtualFree
VirtualQuery
GetSystemTimeAsFileTime
QueryPerformanceCounter
MultiByteToWideChar
FreeEnvironmentStringsA
GetFullPathNameA
GetModuleFileNameA
DebugBreak
OutputDebugStringA
GetConsoleMode
HeapAlloc
GetTimeZoneInformation
lstrlenW
HeapValidate
GetStartupInfoA
ExitProcess
InterlockedIncrement
OutputDebugStringW

Sections

.text
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

51164b2b5eda200df02ddfa3145f8bb0

Headers

File Characteristics

Imports

user32

advapi32

gdi32

mfc42

comctl32

oleaut32

kernel32

Sections

.text Size: 216KB - Virtual size: 215KB

.rdata Size: 128KB - Virtual size: 126KB

.data Size: 64KB - Virtual size: 94KB

.rsrc Size: 92KB - Virtual size: 89KB

.text
Size: 216KB - Virtual size: 215KB

.rdata
Size: 128KB - Virtual size: 126KB

.data
Size: 64KB - Virtual size: 94KB

.rsrc
Size: 92KB - Virtual size: 89KB